cpe:2.3:a:sun:java_system_web_server:6.0:sp5:*:*:*:*:*:*
HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors.
Max CVSS
6.8
EPSS Score
1.26%
Published
2006-12-04
Updated
2024-02-09
Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.
Max CVSS
4.0
EPSS Score
0.34%
Published
2006-07-28
Updated
2017-07-20
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!